def parse_item(self): """ get parent object """ # pylint: disable=protected-access if self.raw_value == "": self.add_error(errors.MISSING_VALUE_ERROR, column_name=self.display_name) return None slug = self.raw_value obj = self.new_objects.get(self.parent, {}).get(slug) if obj is None: obj = self.parent.query.filter(self.parent.slug == slug).first() if obj is None: self.add_error(errors.UNKNOWN_OBJECT, object_type=self.parent._inflector.human_singular.title(), slug=slug) return None context_id = None if hasattr(obj, "context_id") and \ hasattr(self.row_converter.obj, "context_id"): context_id = obj.context_id if context_id is not None: name = self.row_converter.obj.__class__.__name__ if not permissions.is_allowed_create(name, None, context_id) \ and not permissions.has_conditions('create', name): self.add_error(errors.MAPPING_PERMISSION_ERROR, object_type=obj.type, slug=slug) return None return obj
def parse_item(self): """ get parent object """ # pylint: disable=protected-access if self.raw_value == "": self.add_error(errors.MISSING_VALUE_ERROR, column_name=self.display_name) return None slug = self.raw_value obj = self.new_objects.get(self.parent, {}).get(slug) if obj is None: obj = self.parent.query.filter(self.parent.slug == slug).first() if obj is None: self.add_error( errors.UNKNOWN_OBJECT, object_type=self.parent._inflector.human_singular.title(), slug=slug) return None context_id = None if hasattr(obj, "context_id") and \ hasattr(self.row_converter.obj, "context_id"): context_id = obj.context_id if context_id is not None: name = self.row_converter.obj.__class__.__name__ if not permissions.is_allowed_create(name, None, context_id) \ and not permissions.has_conditions('create', name): self.add_error(errors.MAPPING_PERMISSION_ERROR, object_type=obj.type, slug=slug) return None return obj
def _check_related_permissions(self, obj): """Check permissions before deleting related Evidence or Document""" if not permissions.is_allowed_delete( obj.type, obj.id, obj.context_id) \ and not permissions.has_conditions("delete", obj.type): raise wzg_exceptions.Forbidden() if not permissions.is_allowed_delete_for(obj): raise wzg_exceptions.Forbidden()
def _check_related_permissions(self, obj): """Check permissions before deleting related Evidence or Document""" if not permissions.is_allowed_delete( obj.type, obj.id, obj.context_id) \ and not permissions.has_conditions("delete", obj.type): raise wzg_exceptions.Forbidden() if not permissions.is_allowed_delete_for(obj): raise wzg_exceptions.Forbidden()
def _ensure_has_permissions(obj): """Ensure user has permissions, otherwise raise error""" model_name = obj.__class__.__name__ if permissions.is_allowed_update(model_name, obj.id, obj.context_id): return if permissions.has_conditions('update', model_name): return if permissions.is_allowed_update_for(obj): return raise exceptions.Forbidden()
def _ensure_has_permissions(obj): """Ensure user has permissions, otherwise raise error""" model_name = obj.__class__.__name__ if permissions.is_allowed_update(model_name, obj.id, obj.context_id): return if permissions.has_conditions('update', model_name): return if permissions.is_allowed_update_for(obj): return raise exceptions.Forbidden()